harmonyos-dev-pro
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructions mandate running `node scripts/check_env.cjs` as part of the initialization workflow. This script file is absent from the analyzed files, meaning the agent would be executing unverified code from an unknown source if it exists on the host or is meant to be part of the skill's assets.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill performs `ohpm install` to manage project dependencies. This operation downloads code from external repositories (typically the OpenHarmony/HarmonyOS package registry), posing a standard but noteworthy risk of supply chain compromise.
- [COMMAND_EXECUTION] (LOW): The skill uses various system commands for environment verification and project setup (`ohpm -v`, `hvigorw -v`, `git init`, `xcopy`). While appropriate for the task, these commands constitute an active command execution surface.
- [INDIRECT_PROMPT_INJECTION] (MEDIUM): The skill is designed to read and interpret `build-profile.json5` from the target project. A maliciously crafted file could attempt to influence the agent's logic through data poisoning.
  - Ingestion points: Reads `build-profile.json5` in the 'Build & Verify' capability.
  - Boundary markers: No delimiters or safety instructions are defined for the agent when processing this file.
  - Capability inventory: Includes command execution (`ohpm`, `node`), file system modification (`xcopy`), and version control (`git`).
  - Sanitization: There is no mention of validating or sanitizing the content retrieved from the JSON5 configuration file before use.
Recommendations
- AI detected serious security threats
Audit Metadata